The results can be alarming, as they show how quickly high-powered computers can defeat most passwords in use today. The purpose of showing the results is to highlight the threat posed by attackers with access to multimillion-dollar supercomputers as well as those equipped with affordable and widely available GPU-assisted PCs and workstations.

The Brute-Force Attack

Passwords can be compromised in multiple ways. If the adversary was unsuccessful in capturing the plaintext password, the alternative is to attempt to recover the password from a stolen copy of its hash. Brute force is often the method of last resort for an attacker after all knowledge-based computational attacks (dictionary and rule-based guessing) have been tried. The method is used because it is effective.

Brute-force attacks are computationally driven, therefore their effectiveness is determined largely by the speed of the computers available to the attacker. Given the growing performance of modern supercomputers, parallel-processing graphics cards and specialized hash-producing ASICs, the power available to adversaries is formidable and rapidly increasing.

Entropy & Maximum-Time-To-Defeat

Entropy expresses a password's complexity as a number of bits. It is given by the formula H = log2(N^L) = L x log2(N), where N is the password cardinality (the number of symbols a character can be drawn from) and L is the password length. The calculator displays entropy values for each password. However, while knowing a password's entropy enables one to calculate how many guesses are needed to defeat the password, it doesn't indicate how long the password can survive a brute-force attack using the advanced computing technology available to attackers. To offer a more direct way of addressing the survivability question we have introduced the metric Maximum-Time-To-Defeat (MTTD). It is useful to examine password entropy and MTTD together to see the correlation between password complexity and survivability.

Maximum-Time-To-Defeat

Table 1: Passwords Defeated In One Day Or Less

Password Length | Password Symbols                                 | Password Entropy
----------------+--------------------------------------------------+-----------------
22              | Decimal (0-9)                                    | 73.1
14              | Decimal, lower case alpha (a-z)                  | 72.4
14              | Decimal, upper case alpha (A-Z)                  | 72.4
12              | Decimal, upper & lower case (a-z, A-Z)           | 71.5
11              | Decimal, upper & lower case, special chars       | 72.1

Maximum-Time-To-Defeat (MTTD) is the amount of time the computer spends producing the entire set of combinations. The correct interpretation is that a brute-force attack needs no longer than the specified time to defeat the password. It is important to understand that the time to defeat a specific password using the brute-force approach can be much less than the MTTD, because there's no reason to assume the attacker will have to test every incorrect password before the correct one is found.

To illustrate the point, consider a simple example. Suppose one has a three-character password consisting of only decimal digits (0-9). That password selection can produce 1,000 (10 to the power of 3) possible password combinations ranging from 000 to 999. Suppose one chooses a specific password from that pool of combinations and the one chosen is "333". If a brute-force attack is launched that begins with "000" and continues working upward, it will produce a match in one third of the time required to generate all 1,000 combinations. Choosing "777" as the password doesn't help, because a brute-force attack could just as easily begin at "999" and work down. Alternatively, a brute-force attack could start in the middle and work outward.

If one entered the parameters of the "333" password example above into the calculator, they would find that the MTTD for the PC would be only 0.2 billionths of one second. This is virtually instantaneous. The supercomputer would defeat the password even faster. If one wants a password to have a specific lifespan, they should select a design that has an MTTD far greater (possibly millions of times greater) than the desired lifespan.

Table 1 above shows passwords that are all potentially defeated in less than a single day with current computing power. Row one shows that even a password 22 characters long using decimal digits only will be breached in under a day with present supercomputer power. Similarly, the supercomputer will defeat passwords of 14 characters in length with the addition of either upper or lower case characters, and do the same to a complex 11-character password consisting of decimal digits, upper & lower case and special characters. It is consistent that passwords with similar MTTD values have similar values for entropy.

Table 2 shows the relative strength of a set of passwords of varying length while holding the number of password symbols (password cardinality) constant, compared for both the supercomputer and the PC. In Table 2 all passwords use decimal digits and upper & lower case characters.

Several conclusions can be drawn from this data: 1) the strength of a password composed of random characters is proportional to password length and password cardinality; 2) longer passwords are better than short ones, and larger cardinality is better than small cardinality; and 3) in view of present supercomputer power it is high risk to use any password of 11 or fewer characters composed of the characters on a standard computer keyboard.

The Starting Point For Effective Password Design

Given the continuing advances in supercomputer performance along with the wide availability of high-performance PC-based accelerators, the need to employ longer and more complex passwords to protect one's data is clear. The two questions one needs to ask before creating their next password are: "What is the desired lifespan of the password?" and "Who do I need to protect the data from?" The answers to these questions will dictate the password design.